Web Application Firewalls: Panel Discussion


Web Application Firewalls: Panel Discussion
Sebastien Deleersnyder, CISSP
Feb 2006
sdl@ascure.com

Agenda Panel Introduction WAF Primer Panel Discussion

Panel Introduction
- Philippe Bogaerts, BeeWare
- Jaak Cuppens, F5 Networks
- Tim Groenwals, Agfa Gevaert
- Lieven Desmet, K.U.Leuven
- David Van der Linden, ING
Please introduce yourself briefly, and tell us how you or your organisation use the Top 10.

Agenda Introduction WAF Primer Panel Discussion

Network Firewalls Do Not Work
(Diagram: Web Client, Web Server, Application, Database Server; HTTP(S) traffic flows over port 80 (443).)

Enter Web Application Firewall Era
HW/SW that mitigates web application vulnerabilities:
- Unvalidated Input
- Parameter tampering
- Injection Flaws
- ...

Web Application Firewalls
- They understand HTTP/HTML very well
- They work after traffic is decrypted, or can otherwise terminate SSL
- Prevention is possible

Topologies
Network-based:
- Protects any web server
- Works with many servers at once
Web server-based:
- Closer to the application
- Limited by the web server API

WAF functionality
Rule-based:
- Uses rules to look for known vulnerabilities, or rules to look for classes of attack
- Relies on rule databases
Anomaly-based:
- Attempts to figure out what normal operation means

WAF Protection Strategies
Negative security model: deny what might be dangerous. Do you always know what is dangerous?
Positive security model: allow what is known to be safe.
The positive security model is better.
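The two strategies on this slide, together with the rule-based approach from the "WAF functionality" slide, as an added Python illustration that is not part of the original deck: a negative model checks each parameter against a small deny-rule database, while a positive model checks the request against a per-path, per-parameter profile of what the application declares as valid. The deny rules, the hypothetical /account profile and the sample requests are all constructed for this example.

```python
# Added illustration (not from the slide deck) of the two protection
# strategies: a negative model that denies known-bad patterns and a
# positive model that allows only what the application declares valid.
# The deny rules, the /account profile and the sample requests are all
# constructed for this example.
import re
from urllib.parse import parse_qs, urlsplit

# Negative model: rule database of known attack classes (constructed and
# deliberately small; real rule sets are far larger and still incomplete).
DENY_RULES = [
    ("sql-injection", re.compile(r"(?i)'\s*or\s*'|union\s+select")),
    ("xss", re.compile(r"(?i)<script|javascript:|onerror\s*=")),
]

# Positive model: per-path, per-parameter format profile that the
# application owner declares (hypothetical /account endpoint).
PROFILE = {
    "/account": {
        "id": re.compile(r"\d{1,9}"),
        "view": re.compile(r"summary|detail"),
    },
}


def negative_check(params):
    """Negative model: return (parameter, rule) pairs that hit a deny rule.
    An empty list means 'nothing known-bad was seen', not 'safe'."""
    hits = []
    for name, values in params.items():
        for value in values:
            for rule_name, pattern in DENY_RULES:
                if pattern.search(value):
                    hits.append((name, rule_name))
    return hits


def positive_check(path, params):
    """Positive model: return reasons the request deviates from the profile.
    Anything not explicitly declared (unknown path, unknown parameter,
    value outside the declared format) is a deviation."""
    allowed = PROFILE.get(path)
    if allowed is None:
        return [f"path {path} not in profile"]
    reasons = []
    for name, values in params.items():
        if name not in allowed:
            reasons.append(f"unexpected parameter {name}")
            continue
        for value in values:
            # fullmatch anchors the pattern to the whole value
            if not allowed[name].fullmatch(value):
                reasons.append(f"parameter {name} value {value!r} violates format")
    return reasons


def inspect_request(url):
    """Run both models over one request URL and return their findings."""
    parts = urlsplit(url)
    params = parse_qs(parts.query, keep_blank_values=True)
    return {
        "negative": negative_check(params),
        "positive": positive_check(parts.path, params),
    }


if __name__ == "__main__":
    # Constructed sample requests: one normal, one with an unknown
    # parameter (no deny rule fires), one with a classic injection string.
    for url in (
        "/account?id=42&view=summary",
        "/account?id=42&debug=1",
        "/account?id=1' or '1'='1",
    ):
        print(url, "->", inspect_request(url))
```

The second sample request is the point of the slide: the undeclared debug parameter matches no deny rule, so the negative model passes it, while the positive model flags it because it was never declared safe. The trade-off is that the profile has to be kept in step with the application as it changes, which is why the anomaly-based products on the previous slide try to learn it rather than have it written by hand.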

Vendors
- ModSecurity
- Beeware IntelliWall
- Citrix NetScaler Application Firewall (Teros)
- DenyAll rWeb
- F5 TrafficShield (Magnifire)
- Imperva SecureSphere
- NetContinuum
- Breach BreachGate WebDefend
- ...
WAF?
- eEye SecureIIS
- Microsoft URLScan
- CheckPoint Application Intelligence?
- MS ISA Server?
Dead:
- Kavado InterDo
- Watchfire AppShield (Sanctum)
- Ubizen DMZShield

Agenda Introduction WAF Primer Panel Discussion

How mature are WAFs?
What are the 5 phases of a Hype Cycle?
1. "Technology Trigger": the first phase of a Hype Cycle is the "technology trigger" or breakthrough, product launch or other event that generates significant press and interest.
2. "Peak of Inflated Expectations": in the next phase, a frenzy of publicity typically generates over-enthusiasm and unrealistic expectations. There may be some successful applications of a technology, but there are typically more failures.
3. "Trough of Disillusionment": technologies enter the "trough of disillusionment" because they fail to meet expectations and quickly become unfashionable. Consequently, the press usually abandons the topic and the technology.
4. "Slope of Enlightenment": although the press may have stopped covering the technology, some businesses continue through the "slope of enlightenment" and experiment to understand the benefits and practical application of the technology.
5. "Plateau of Productivity": a technology reaches the "plateau of productivity" as its benefits become widely demonstrated and accepted. The technology becomes increasingly stable and evolves in second and third generations. The final height of the plateau varies according to whether the technology is broadly applicable or benefits only a niche market.

Panel Discussion
- What do WAFs protect you from? What not?
- Where do you position WAFs in your architecture?
- What WAF functionality do you really need?
- How to reduce TCO?
- Who administrates a WAF within the organisation?